-
Notifications
You must be signed in to change notification settings - Fork 882
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Expose _get_credentials
of BasicAuthAuthenticationPolicy
#2659
Comments
I was surprised to discover that this It feels like a couple changes could be made to make this more helpful. Instead of a |
For my case the best would be to export this functionality in a way that I could call it with any header, not only |
Where do you need it? I am thinking that the Authn/z is too complicated already; I am not sure Pyramid core should have anything about passwords really. |
Sorry, I read the commit now, this is a sane change of course... |
Closed via #2662. |
Currently the
_get_credentials
method ofBasicAuthAuthenticationPolicy
is an instance method, witch prevents from using this well-tested bit of functionality outside of AuthPolicy scope.Backward-compatible propositions:
_get_credentials
an exposedstaticmethod
:get_credentials
(as it does not requireself
orcls
to operate)Request
object methodReasoning:
In my case I have to support legacy quirks, where some non-authorization headers contain HTTP Basic authinfo, so currently my options are:
Before I jump to hacking a PR, maybe some discussion on best/other possibilities?
The text was updated successfully, but these errors were encountered: